<?php

if (!defined('PUBLIC_HTML'))
{
	exit;
}

if (!$user->is_admin)
{
	redirect('cms.php?p=users');
	exit;
}

/***********************
* ADDING THE USER
************************/
$submit	= (isset($_POST['submit'])) ? true : false;

if ($submit) 
{
	
	$p_username = htmlentities($_POST['username'], ENT_QUOTES);
	$p_password = $string->secure($_POST['user_pass'], 'password');
	$p_active	= 1;
	$p_level	= intval($_POST['user_level']);    
	
	// Gather data and prepare for insertion
	$post = array(
		'user_id'		=> NULL,
		'username'		=> $p_username,
		'user_pass'		=> $p_password,
		'user_active'	=> $p_active,
		'user_level'	=> $p_level
	);
	
	if ($post['username'] == '' || $post['user_pass'] == '')
	{
		$error_message = 'U heeft niet alle velden ingevuld';
	}
	elseif ($db->sql_count(TABLE_USERS, 'username', $post['username']) > 0) 
	{
		$error_message = "Er bestaat al een gebruiker genaamd " . $post['username'] . " in de database!";
	}
	else
	{
		$error_message = '';
		
		// Insert the data
		$db->sql_insert_row(TABLE_USERS, $post);
		
		// Redirect to the userlist
		redirect('?p=users&add_succes=1');
		exit;
	}
}
else
{
	
	// Initial error message
	$error_message = '';
	
	$post = array(
		'username'	=> '',
		'user_pass'	=> ''
	);
}

$tpl_content_vars = array(
	'USERNAME'	=> $post['username'],
	'PASSWORD'	=> $post['user_pass'],
	'ERROR'		=> $error_message,
);
$tpl_content->assign($tpl_content_vars);

?>